package com.gitee.wsl

import com.gitee.wsl.security.rbac.RoleBasedAccessControlImp
import com.gitee.wsl.security.rbac.RoleBasedAccessControlImp.Companion.printSubjectPermissionDefine
import com.gitee.wsl.security.rbac.UserGroup
import com.gitee.wsl.security.rbac.Subject
import com.gitee.wsl.security.rbac.permissionAccessSystem
import kotlin.test.Test


class RoleBasedAccessTest {

    //可用工具生成
    object SamplePermission{
        val PRINT="Able print"
        var DELETE="delete"

        val CREATE_FILE="File file"

        val PERMISSION_GROUP="sample permission group"
    }

    val defaultRuleAccess= permissionAccessSystem {

        userGroup{
            name="CEO"
            user("user1","user0")
            userGroup{
                name="CFO"
                user("user9","user2")
            }
            userGroup{
                name="COO"
                user("user3","user2")
            }
        }

        subject{
            name= Subject.DEFAULT.name
            permission(SamplePermission.CREATE_FILE,SamplePermission.DELETE)
            subject {
                name="sample subject"
                permission(SamplePermission.DELETE,SamplePermission.PRINT)

                subject {
                    name="sample sub subject"
                }
            }
            subject {
                name="sample other subject"
                permission(SamplePermission.CREATE_FILE)
            }
        }

        permissionGroup(SamplePermission.PERMISSION_GROUP,SamplePermission.DELETE,SamplePermission.PRINT)

        ruleBaseOnSubject("system")

        rule("admin"){
            user("CEO")
            grantAll()
        }

        rule("guest"){
            user("guest")
            disableAll()
        }

        rule("sample rule"){
            user("user1","user2")
            permissionOn(Subject.DEFAULT.name){
                grantAll()
            }
            permissionOn(Subject.DEFAULT.name,"sample subject"){
                grant(SamplePermission.DELETE,SamplePermission.PRINT)
            }
        }

        rule("sample other rule"){
            user(UserGroup.DEFAULT.name,"user4")
            copyFrom("system")
        }

        rule("sample base rule","sample rule"){
            user("user2","user4")
        }

    }


    @Test
    fun testRoleBasedAccess(){

    }

    @Test
    fun testPrintSubjectPermissionDefine(){
        defaultRuleAccess as RoleBasedAccessControlImp
        printSubjectPermissionDefine(defaultRuleAccess.context.subjectPermissionCategory)
    }
}
